You compete on price. You compete on quality. You compete on marketing. You compete on location. But in 2014 and beyond, a new differentiator for consumer and enterprise businesses has emerged: trust.
While you need compliance, security and privacy, trust requires more. Engendering trust requires a three-part corporate strategy that, when executed correctly, becomes a top business differentiator in revenue growth and long-term customer satisfaction.
Trust is now the new corporate battlefield. Elevating trust to the top ranks of your organization is step one, and the most critical success factor that will vault your company to the top of its market. Today, most companies still have a combo compliance/security ‘officer,’ who in reality is not a corporate officer at all and usually reports to the CIO. In the old days, security was seen as a technology issue with a big cost and little visible return. That was then; this is now.
In the lucrative cloud space, Salesforce.com is the first to announce a “Chief Trust Officer”, or CTrO. In the ‘box’ space, Box.com quickly moved from hacked to establishing an industry leading CTrO. Even security companies have joined the game, with Ciphercloud naming a CTrO. In each of these highly competitive markets, expect more leaders to follow suit in 2014.
Security, privacy, and compliance are important components of corporate trust, but for step two they need to be augmented to start creating a more trustworthy enterprise, with a greater focus on protecting client experience. Using the newly elevated executive attention to drive real change, you can begin to demonstrate return on investment with metrics on revenue and customer satisfaction. (Many companies use the Net Promoter Score or NPS to gage customer satisfaction.)
Separating security and compliance, and chartering security to become more threat proactive and incident responsive, will give your company a stronger footing in keeping your client information safe and your products and services running at top form. You must do a better job at making your security more proactive, but that effort alone does not engender trust.
The third step that’s needed to convert all this hard work and expense into increased revenues and profit is to communicate all you’re doing to keep client data safe and available. The mistake most companies make is to rely on crypto-jargon, such as “Government-grade encryption” or “256-bit encryption,” as if either of these terms are any more meaningful to a client than ‘Space Age Technology,’ but many experts still fall back on this wording because everyone else does.
Companies must establish and communicate trust by improving their security and privacy practices, and then by creating a ‘trust office’ that truly communicates their real security posture and their efforts to maintain and improve it. Confronting real issues, even when an organization doesn’t yet have the best answers, and being empowered, available, transparent and responsive are keys to success. Creating open and ongoing trust dialogs with clients and prospects, listening to their concerns and altering products and procedures accordingly will create customer lock-in and establish long-term trust.
Existing sectors, such as retail and banking, already compete on trust. Many of the newest and most heavily invested sectors, including smart cars, smart homes, smart health, cloud, mobile, industrial control systems and big data, all will compete even more using trust as a differentiator. As smart cars move from syncing your music to driving your car, smart homes move from adjusting your thermostat to unlocking your doors, and health devices move from checking your heartbeat to maintaining your heartbeat, consumers and organizations will use trust as a key decision factor.
Hiring a CTrO, changing and enhancing your security and opening honest trust dialogs with customers and prospects are not easy tasks. However, the effort is lucrative. You’ll see benefits in terms of increased pipelines, growing revenues, higher NPS satisfaction scores and a more positive workplace and customer ecosystem. Finding a CTrO that has the technical and security chops, and can communicate in business terms is not easy, and many of today’s chief security officers will have to be ‘grown’ into CTrOs over time, but the benefits also are tangible.
Creating trust is a business decision, not a technical one. Creating real trust takes strong leadership and a long-term commitment. However, it’s the newest way to grow revenue, take market-share, sustain business and build a quality user community that lasts a lifetime and adds bottom-line value.
This post was first published in CSO by IDG Communications, Inc. at http://www.csoonline.com/article/2449585/security-leadership/competing-on-trust.html.